Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Mobile & Social: The Tipping Point For Cybercrime
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Monoranjang
50%
50%
Monoranjang,
User Rank: Apprentice
7/14/2014 | 1:06:30 AM
Re: What is Twitter doing?
Yes... I think we can develop some apps which can help to trap the criminals. The concept would be same, how an antivirus software can detect & trap malicius software. In this case we would not just trap the malicious software & propect our system but also take legal actions against the criminals.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/11/2014 | 9:41:03 AM
Re: What is Twitter doing?
Thanks for your comment @Monoranjang. Wondering if you have any specfic thoughts on what Twitter & FB should be doing to catch criminals and spread user awareness. 
Monoranjang
100%
0%
Monoranjang,
User Rank: Apprentice
7/11/2014 | 2:24:23 AM
Re: What is Twitter doing?
While we develop secured antiviral softwares & use in our devices, it is very important to

1. Pass an Internal Cybercrime Law againt the companies/organizations/individuals who is/are hosting hacking applications or plyaing any tricks to cheat users.

2. Big bosses of Twitter/Facebok must allocate a good bidget to catch the criminals & spread awareness among people through their social networking apps.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/21/2014 | 10:27:20 AM
Re: What is Twitter doing?
We all do love our apps don't we?  Having one or more apps in all of the major stores is important ,if not essential for businesses without question.  However many times the apps have much more web components underneath than you realize. Talking to back end web/app servers (think Heartbleed) and other pieces of infrastructure that piece together the overall experience for the user. Organizations need to ensure that their apps and websites have a tightly integrated security fabric to make sure the experience from a mobile app is enjoyable but equally secure.  I don't see a difference in security philosophy from either platform, web or mobile.  In fact, the two are intrinsically intertwined.
JamieJ716
100%
0%
JamieJ716,
User Rank: Apprentice
5/21/2014 | 4:33:53 AM
Re: What is Twitter doing?
All the social sites are doing well but now the smartphone mbile apps are going to be the Boss of all these.

 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/2/2014 | 10:32:59 AM
Re: Preaching to the choir? (Hope not)
Marilyn,

It is pretty consistent across all my talks which can have participants that range from CEO to clerical staff.  Even the security geeks are not immune to taking this unprotected approach unfortunately.  Mobile malware (particularly Android OS) is the shift from traditional Windows/PC based attacks.  More people are accessing senstiive sites and the internet in general from their mobile devices than PC's so that is where the attackers will focus and nefarious business models will flourish. Especially with so many of the users going without protection.
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 9:29:44 AM
Re: What is Twitter doing?
Excellent insight on the intelligence factor. Totally agree with you there.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
5/1/2014 | 9:29:23 AM
Preaching to the choir? (Hope not)
JD, I found it particularly disconcerting that in informal polling of the audience at your speaking engagements, so few (<25%) said they had a form of security software on their mobile device. Was there a difference in the response based on the composition of the audience? I'd be horrified if that was prevalent in your talks to security experts.

 
securityaffairs
50%
50%
securityaffairs,
User Rank: Ninja
5/1/2014 | 4:47:52 AM
Re: What is Twitter doing?
Social media are a privileged target of cyber criminals and state-sponsored hackers. Many illicit activities are exploiting social media platforms like phishing, spear phishing, watering hole and malware based attacks. Social media allow instantly to reach a wide audience. Don't forget also that they are also an excellent instrument for OSINT activity and also the ideal tools for PSYOps (see Arab spring) 
jd.sherry
50%
50%
jd.sherry,
User Rank: Author
5/1/2014 | 3:21:53 AM
Re: What is Twitter doing?
Blacklisting and account suspension is helping tremendously. I also think the continued education and adoption of two factor authentication is imperative.
Page 1 / 2   >   >>


Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-17954
PUBLISHED: 2020-04-03
A Least Privilege Violation vulnerability in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUS...
CVE-2019-18904
PUBLISHED: 2020-04-03
A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux E...
CVE-2019-19914
PUBLISHED: 2020-04-03
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-5283
PUBLISHED: 2020-04-03
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the `show_subdir_l...
CVE-2020-11498
PUBLISHED: 2020-04-02
Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can also use Nebula to execute arbitrary code in the user's own context, e.g., for user-level persistenc...